Description

Impact

A remote attacker could cause a man-in-the-middle attack via any
certificate issued by a legitimate certification authority. Furthermore,
a local attacker may gain knowledge of user passwords through an
information leak.